Perfect Forward Secrecy – CompTIA Security+ SY0-501 – 6.1

Traditional web server encryption has relied on a single private key to provide confidentiality. In this video, you’ll learn about the alternative of perfect forward secrecy.

When our browser communicates with a web server over an encrypted channel, it’s using SSL, or what is now technically TLS, to encrypt the data between the server and the client. This has traditionally been based on a private key that is stored on the web server. It’s this one private key that’s used to encrypt the symmetric keys that are transferred between the server and the client.

That means if you have a copy of the private key from that web server and you have captured all of the data going across the network, you can effectively rebuild all of the conversations and view everything in decrypted form. This is a single point of failure for all the encryption that is occurring between your web server and your clients.

Fortunately, there are things you can do to remove this particular point of failure and still maintain the security of all your network traffic. One way to avoid this single point of failure is through the use of perfect forward secrecy, or PFS. This is a different way of exchanging keys. You’re not using the server’s private key to exchange the session keys; instead, you create keys on the fly.

You might use elliptic curve cryptography or an ephemeral or temporary set of keys instead of storing permanent keys on the server. That means if someone did capture all of this encrypted traffic occurring across the network, they would not be able to decrypt it because they would not have access to the private key.
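The difference between the two exchanges, as an added Go example that is not part of the original video: it models what crosses the network in each handshake and what a later leak of the server’s long-term key recovers from a recording. It is a simplified model with hypothetical names (`Session`, `rsaHandshake`, `ecdheHandshake`, `recoverLater`): RSA-OAEP stands in for TLS’s RSA key exchange, P-256 with SHA-256 stands in for the ephemeral exchange and key derivation, and the server’s signature over its ephemeral key is omitted.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Session models one handshake: Key stays at the endpoints, the other fields cross the network.
type Session struct {
	Key                  []byte // negotiated session key, never sent in the clear
	Wrapped              []byte // RSA key transport only: Key encrypted to the server's long-term key
	ClientPub, ServerPub []byte // ephemeral exchange only: public halves of throwaway key pairs
}

func must[T any](v T, err error) T { // abort on error to keep the demo short
	if err != nil {
		panic(err)
	}
	return v
}

// srv is the server's long-term RSA key pair (generated here for the demo).
var srv = must(rsa.GenerateKey(rand.Reader, 2048))

// rsaHandshake: the client picks the session key and wraps it with the server's long-term public key.
func rsaHandshake() Session {
	key := make([]byte, 32)
	must(rand.Read(key))
	return Session{Key: key, Wrapped: must(rsa.EncryptOAEP(sha256.New(), rand.Reader, &srv.PublicKey, key, nil))}
}

// ecdheHandshake: both sides generate fresh key pairs; the private halves are discarded on return.
func ecdheHandshake() Session {
	c, s := must(ecdh.P256().GenerateKey(rand.Reader)), must(ecdh.P256().GenerateKey(rand.Reader))
	key := sha256.Sum256(must(c.ECDH(s.PublicKey())))
	return Session{Key: key[:], ClientPub: c.PublicKey().Bytes(), ServerPub: s.PublicKey().Bytes()}
}

// recoverLater: srv's private key leaks after the session was recorded off the wire.
func recoverLater(s Session) bool {
	got, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, srv, s.Wrapped, nil) // empty for ephemeral sessions
	return err == nil && bytes.Equal(got, s.Key)
}

// main prints "true false": only the key-transport session falls to the leaked long-term key.
func main() { fmt.Println(recoverLater(rsaHandshake()), recoverLater(ecdheHandshake())) }
```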

As you might guess, perfect forward secrecy uses more computing power than a single private key on a web server, so not everyone is going to use PFS as the default. All of the browsers connecting to the system also need to be able to support PFS. Most modern browsers do, but if you have some older legacy systems or some older browsers, you may find that they’re not able to communicate over an encrypted channel to a server that is using PFS for its encryption.